One of the remediation suggestions to go with PoisonTap is enforce the use of SSL on applications to dissuade sniffing/modification of data. What if the attacker also employed SSL stripping? From Samy Kamkar's post on PoisonTap -
...allows attacker to remotely force the user to make HTTP requests and proxy back responses (GET & POSTs) with the user’s cookies on any backdoored domain
So the attacker forces SSL communication to flow through their proxy and carries out SSL stripping. Agreed that a careful user might notice the difference in URL and go no further, but chances are the average user may not notice that.
My question in a nutshell - is there a mitigating factor to counter this scenario?